{{/* vim: set filetype=mustache: */}}

{{/*
Return the proper Cassandra image name
*/}}
{{- define "cassandra.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }}
{{- end -}}

{{/*
Return the proper metrics image name
*/}}
{{- define "cassandra.metrics.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }}
{{- end -}}

{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "cassandra.volumePermissions.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }}
{{- end -}}

{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "cassandra.imagePullSecrets" -}}
{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) }}
{{- end -}}

{{/*
Create the name of the service account to use
*/}}
{{- define "cassandra.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
    {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
    {{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}

{{/*
Return the list of Cassandra seed nodes
*/}}
{{- define "cassandra.seeds" -}}
{{- $seeds := list }}
{{- $fullname := include "common.names.fullname" .  }}
{{- $releaseNamespace := .Release.Namespace }}
{{- $clusterDomain := .Values.clusterDomain }}
{{- $seedCount := .Values.cluster.seedCount | int }}
{{- range $e, $i := until $seedCount }}
{{- $seeds = append $seeds (printf "%s-%d.%s-headless.%s.svc.%s" $fullname $i $fullname $releaseNamespace $clusterDomain) }}
{{- end }}
{{- range .Values.cluster.extraSeeds }}
{{- $seeds = append $seeds . }}
{{- end }}
{{- join "," $seeds }}
{{- end -}}

{{/*
Compile all warnings into a single message, and call fail.
*/}}
{{- define "cassandra.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "cassandra.validateValues.seedCount" .) -}}
{{- $messages := append $messages (include "cassandra.validateValues.tls" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}

{{- if $message -}}
{{-   printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}

{{/* Validate values of Cassandra - Number of seed nodes */}}
{{- define "cassandra.validateValues.seedCount" -}}
{{- $replicaCount := int .Values.replicaCount }}
{{- $seedCount := int .Values.cluster.seedCount }}
{{- if or (lt $seedCount 1) (gt $seedCount $replicaCount) }}
cassandra: cluster.seedCount

    Number of seed nodes must be greater or equal than 1 and less or
    equal to `replicaCount`.
{{- end -}}
{{- end -}}

{{/* Validate values of Cassandra - Tls enabled */}}
{{- define "cassandra.validateValues.tls" -}}
{{- if and (include "cassandra.tlsEncryption" .) (not .Values.tls.autoGenerated) (not .Values.tls.existingSecret) (not .Values.tls.certificatesSecret) }}
cassandra: tls.enabled
    In order to enable TLS, you also need to provide
    an existing secret containing the Keystore and Truststore or
    enable auto-generated certificates.
{{- end -}}
{{- end -}}

{{/* vim: set filetype=mustache: */}}
{{/*
Return  the proper Commit Storage Class
{{ include "cassandra.commitstorage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }}
*/}}
{{- define "cassandra.commitstorage.class" -}}
{{- $storageClass := .persistence.commitStorageClass -}}
{{- if .global -}}
    {{- if .global.storageClass -}}
        {{- $storageClass = .global.commitStorageClass -}}
    {{- end -}}
{{- end -}}

{{- if $storageClass -}}
  {{- if (eq "-" $storageClass) -}}
      {{- printf "storageClassName: \"\"" -}}
  {{- else }}
      {{- printf "storageClassName: %s" $storageClass -}}
  {{- end -}}
{{- end -}}
{{- end -}}

{{/*
Return true if encryption via TLS for client connections should be configured
*/}}
{{- define "cassandra.client.tlsEncryption" -}}
{{- if (or .Values.tls.clientEncryption .Values.cluster.clientEncryption) -}}
    {{- true -}}
{{- end -}}
{{- end -}}

{{/*
Return true if encryption via TLS for internode communication connections should be configured
*/}}
{{- define "cassandra.internode.tlsEncryption" -}}
{{- if (ne .Values.tls.internodeEncryption "none") -}}
    {{- printf "%s" .Values.tls.internodeEncryption -}}
{{- else if (ne .Values.cluster.internodeEncryption "none") -}}
    {{- printf "%s" .Values.cluster.internodeEncryption -}}
{{- else -}}
    {{- printf "none" -}}
{{- end -}}
{{- end -}}

{{/*
Return true if encryption via TLS should be configured
*/}}
{{- define "cassandra.tlsEncryption" -}}
{{- if or (include "cassandra.client.tlsEncryption" . ) ( ne "none" (include "cassandra.internode.tlsEncryption" . )) -}}
    {{- true -}}
{{- end -}}
{{- end -}}

{{/*
Return the Cassandra TLS credentials secret
*/}}
{{- define "cassandra.tlsSecretName" -}}
{{- $secretName := coalesce .Values.tls.existingSecret .Values.tls.tlsEncryptionSecretName -}}
{{- if $secretName -}}
    {{- printf "%s" (tpl $secretName $) -}}
{{- else -}}
    {{- printf "%s-crt" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}

{{/*
Return true if a TLS credentials secret object should be created
*/}}
{{- define "cassandra.createTlsSecret" -}}
{{- if and (include "cassandra.tlsEncryption" .) .Values.tls.autoGenerated (not .Values.tls.existingSecret) (not .Values.tls.tlsEncryptionSecretName) }}
    {{- true -}}
{{- end -}}
{{- end -}}

{{/*
Return true if a TLS credentials secret object should be created
*/}}
{{- define "cassandra.tlsPasswordsSecret" -}}
{{- $secretName := coalesce .Values.tls.passwordsSecret .Values.tls.tlsEncryptionSecretName -}}
{{- if $secretName -}}
    {{- printf "%s" (tpl $secretName $) -}}
{{- else -}}
    {{- printf "%s-tls-pass" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}

{{/*
Returns the available value for certain key in an existing secret (if it exists),
otherwise it generates a random value.
*/}}
{{- define "getValueFromSecret" }}
    {{- $len := (default 16 .Length) | int -}}
    {{- $obj := (lookup "v1" "Secret" .Namespace .Name).data -}}
    {{- if $obj }}
        {{- index $obj .Key | b64dec -}}
    {{- else -}}
        {{- randAlphaNum $len -}}
    {{- end -}}
{{- end }}

{{- define "cassandra.password" -}}
    {{- if .Values.dbUser.password }}
        {{- .Values.dbUser.password }}
    {{- else if (not .Values.dbUser.forcePassword) }}
        {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "cassandra-password")  -}}
    {{- else }}
        {{ required "A Cassandra Password is required!" .Values.dbUser.password }}
    {{- end }}
{{- end -}}

{{- define "cassandra.keystore.password" -}}
    {{- if .Values.tls.keystorePassword }}
        {{- .Values.tls.keystorePassword }}
    {{- else }}
        {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (printf "%s-%s" (include "common.names.fullname" .) "tls-pass" | trunc 63 | trimSuffix "-") "Length" 10 "Key" "keystore-password")  -}}
    {{- end }}
{{- end -}}

{{- define "cassandra.truststore.password" -}}
    {{- if .Values.tls.truststorePassword }}
        {{- .Values.tls.truststorePassword }}
    {{- else }}
        {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (printf "%s-%s" (include "common.names.fullname" .) "tls-pass" | trunc 63 | trimSuffix "-") "Length" 10 "Key" "truststore-password")  -}}
    {{- end }}
{{- end -}}


{{/*
Returns the available TLS Cert in an existing secret (if it exists),
otherwise it generates a new one.
*/}}
{{- define "cassandra.getTlsCertStrFromSecret" }}
    {{- $len := (default 365 .Length) | int -}}
    {{- $ca := "" -}}
    {{- $crt := "" -}}
    {{- $key := "" -}}
    {{- $tlsCert := (lookup "v1" "Secret" .Release.Namespace (printf "%s-%s" (include "common.names.fullname" .) "crt" | trunc 63 | trimSuffix "-")).data -}}

    {{- if $tlsCert }}
        {{- $ca = (get $tlsCert "ca.crt" | b64dec) -}}
        {{- $crt = (get $tlsCert "tls.crt" | b64dec) -}}
        {{- $key = (get $tlsCert "tls.key" | b64dec) -}}
    {{- else -}}
        {{- $caFull := genCA "cassandra-ca" 365 }}
        {{- $fullname := include "common.names.fullname" . }}
        {{- $releaseNamespace := .Release.Namespace }}
        {{- $clusterDomain := .Values.clusterDomain }}
        {{- $serviceName := include "common.names.fullname" . }}
        {{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
        {{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) "localhost" "127.0.0.1" $fullname }}
        {{- $cert := genSignedCert $fullname nil $altNames 365 $caFull }}
        {{- $ca = $caFull.Cert -}}
        {{- $crt = $cert.Cert -}}
        {{- $key = $cert.Key -}}
    {{- end -}}

    {{- printf "%s###%s###%s" $ca $crt $key -}}
{{- end }}

{{/*
Get the metrics config map name.
*/}}
{{- define "cassandra.metricsConfConfigMap" -}}
    {{- printf "%s-metrics-conf" (include "common.names.fullname" . ) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
